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CIAIMS 



1. System in a digital wireless data communication 

network (10) for arranging end-to-end (e2e) encryption^ 
5 especially for communication in audio fointi^ in which data 
communication network (10) two or more pieces of terminal 
equipment (11.1, 11-2) communicate with one another, including 
at least 

- a codec (24) to convert an audio signal into a 
10 dataflow and vice versa, 

- air-interface encryption means (19, 30), 

- means (28) for management of encryption parameters 
(TEK, IV) stored in connection with the terminal 
equipment (11.1, 11.2) 

15 - an encryption key stream generator KSG (23) to 

generate a key stream segment (KSS) with the said 
encryption parameters (TEK, IV) , 

- means (20) for encrypting a dataflow and for decryp- 
tion of the encryption with the generated key stream 

20 segment (KSS, IV), 

- means (33.1, 33.2) for synchronization of the 
encrypted dataflow and for de-synchronizing the 
synchronization, and 

- at least one interface (19) for receiving the 
25 encryption parameters from the data communication 

network (10) , 

and wherein at least one of the pieces of terminal equipment 
belonging to the data communication network (10) is fitted to 
function as a special server terminal device (15), which 
30 manages and distributes at least the encryption parameters (19) 
concerning the data communication network (10) to the other 
pieces of terminal equipment (11.1, 11.2) based on an estab- 
lished criterion, characterized in that 
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- in the data communication network (10) a special 
server terminal device (15) is also arranged, which is 
arranged to manage at least encryption and/or synchro- 
nization applications (32) and to distribute these 

5 based on an established criterion to the other pieces 

of terminal equipment (11.1, 11.2) and 

- functionalities (21, 22) are arranged in the termi- 
nal equipment (11.1, 11.2) for downloading and manag- 
ing the said applications (32) and 

10 - data memory (23) for storing the applications (32) 

and 

- a processor (20) and operating memory for carrying 
out the applications (32) . 

15 2. System according to claim 1, characterized in that the 
terminal equipment (11.1, 11.2) is adapted with the said 
processor (20) to run applications (32) according to the J2ME 
(Java 2 Platform Micro Edition) specification. 

20 3. System according to claim 2, characterized in that the 
terminal equipment (11.1, 11.2) is configured in accordance, 
with the MIDP (Mobile Information Device Profile) specifica- 
tion. 

25 4. System according to any one of claims 1-3, characterized 
in that downloading of applications (32) at the terminal 
equipment (11.1, 11-2) is arranged to take place in a self- 
organizing manner, such as, for example, as SDS (Short Data 
Service) messages. 

30 

5. Digital wireless terminal equipment (11.1, 11.2), to which 
functionalities belong, at least 

- a module (20) for carrying out encryption. 
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- one or more modules (33.1, 33.2) for carrying out 
synchronization, and 

- a module (21, 28) for receiving and managing at 
least encryption keys (TEK) , 

5 r-haracterized in that the functionality of at least one module 
(20, 33.1, 33.2, 21) is adapted for implementation with a 
dynamic application (27) based on a program. 

6. Terminal equipment (11.1, 11.2) according to claim 5, 
10 including at least a SIM module (28), characterized in that the 
said application (27) is adapted to arrange command functional- 
ity (21') at least at the interface between the SIM module (28) 
and the terminal equipment (11.1, 11.2) through the programming 
interface (MIDP API) of the application (27) . 



